HybridPetya: More proof that Secure Boot bypasses are not just an urban legend
A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI)…
Samsung patches actively exploited zero-day reported by WhatsApp
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android…
CVE-2025-10127 (CVSS 9.8): Critical Daikin Flaw Could Give Hackers Full System Access
Ddos September 12, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory about a critical flaw in…
CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited
Ddos September 12, 2025 The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Dassault Systèmes DELMIA…
Palo Alto Networks User-ID Credential Agent Vulnerability Exposes password In Cleartext
A newly disclosed vulnerability in Palo Alto Networks’ User-ID Credential Agent for Windows, identified as CVE-2025-4235, could…
Australia Warns of Ransomware Attacks Exploiting SonicWall VPN Flaw CVE-2024-40766
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent alert regarding active exploitation of…
Vulnerability Management – common understanding and language enable teamwork
Part of a series This Blog post is part of the series Vulnerability Management Series: 3D (Definition, Deep-Dive, and Difficulties) Part 1…
Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise
Ddos September 11, 2025 Researchers at Palo Alto Networks’ Unit 42 have published a report detailing the rise of AdaptixC2, an open-source…
ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)
Ddos September 11, 2025 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active…
I SPy: Escalating to Entra ID's Global Admin with a first-party app
This research was presented at fwd:cloudsec North America on June 30th, 2025. You can find the talk here. Key points Service principals (SPs)…
Tales from the cloud trenches: The Attacker doth persist too much, methinks
As a result of a recent threat hunt, we observed attacker activity originating from a leaked long-term AWS access key (AKIA*). Within a…
Datadog threat roundup: Top insights for Q1 2025
As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…